Accelerating Our Economy Through Better Security: Helping America’s Small Businesses Address Cyber Threats

We Keep you Connected

Accelerating Our Economy Through Better Security: Helping America’s Small Businesses Address Cyber Threats

An official website of the United States government
Here’s how you know
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (A locked padlock) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
By Eric Goldstein, Executive Assistant Director for Cybersecurity
Our nation’s economic strength and future is grounded in the vitality and prosperity of America’s 33 million small businesses. Entrepreneurs and families across our country invest time, energy, and priceless resources in building and sustaining their businesses. With so much at stake and so much to do, it’s understandable that cybersecurity may not be a top priority for every small business and may be too expensive for those organizations that seek solutions. But criminal groups and other malicious cyber actors are constantly looking for any insecure organizations as an opportunity.
As one example, thousands of small and medium businesses (SMBs) have been harmed by ransomware attacks, with small businesses three times more likely to be targeted by cybercriminals than larger companies and total cost of cybercrimes to small businesses reached $2.4 billion in 2021.
There are steps that we can take to address these risks, but we must take them together:
For more helpful tips that every SMB can use to improve their cybersecurity posture, check out our SMB webpage: Cyber Guidance for Small Businesses.
While CISA is here to help SMBs make the most cost-effective and impactful investments to improve their cybersecurity, we also know that under-resourced organizations can’t secure themselves alone. That’s why the National Cybersecurity Strategy calls for a re-balancing of accountability in which those most able to bear the burden of cybersecurity are expected to take necessary steps in driving needed change. Today, many technology products used by SMBs and organizations across sectors come out of the box with weaknesses that can be exploited by cyber criminals and lack default security features to help prevent intrusions. This model is unsustainable. As a country, one of the most important steps we can take to advance cybersecurity for SMBs is to rapidly evolve toward a model in which technology products are safe and secure by design and default, as described in CISA’s recent product developed with our partners in the NSA, FBI, and six other countries. SMBs should be expected to take the fewest number of cybersecurity steps possible and rely upon those with the resources and expertise to bear the weight of the cybersecurity burden. That’s a recipe for a sustainable future, and one in which we all have a stake.
This Small Business Week, take steps to improve your organizations’ cyber posture. You work hard to build a successful business, so don’t let any cyber attacker take that away. For more information and resources for small business, visit Small and Medium Businesses | Cybersecurity and Infrastructure Security Agency CISA.